CSRF token missing or incorrect



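I am getting a 403 Forbidden error. I have tried doing the context thing that has already been explained on the forum, but I am still stuck.

What am I doing wrong? My views.py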

def add_player(request, team_id):
    template = get_template('cricket/addplayer.html')
    loggedinuser = request.user
    team = Team.objects.get(id=team_id)
    if request.method == 'POST':
        form = PlayerForm(request.POST)
        if form.is_valid():
            player = Player.objects.create(
                name = form.cleaned_data['name'],
                team = Team.objects.get(id=team_id),
                role = form.cleaned_data['role'],
                position = form.cleaned_data['position']
            )
            return HttpResponseRedirect('/team/%s/' % team_id)
    else:
        form = PlayerForm()  # instantiate an unbound form for GET requests
    page_vars = Context({
        'form': form,
        'loggedinuser': loggedinuser,
        'team': team,
    })
    output = template.render(page_vars)
    return HttpResponse(output)

And my template. As you can see, it has {% csrf_token %}

{% extends 'cricket/base.html' %}
{% block title %}
    {{ loggedinuser }}
{% endblock %}
{% block username %}
    {{ loggedinuser }}
{% endblock %}
{% block date %}
    {{ today }}
{% endblock %}
{% block content %}
    <div class="span7">
        <h2>Adding player for {{ team }}</h2>
        <form method="post" action=".">
            {% csrf_token %}
            {{ form.as_p }}
            <input type="submit">
        </form>
    </div>
{% endblock %}

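I'm pretty sure I'll be banging my head against something soon.

//Mouse

OK, I solved it. You have to use RequestContext. This is my solution: change the last two lines of the original code to include crsfcontext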

page_vars = Context({
    'form': form,
    'loggedinuser': loggedinuser,
    'team': team,
})
crsfcontext = RequestContext(request, page_vars)
output = template.render(crsfcontext)
return HttpResponse(output)
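
Why switching to RequestContext removes the 403, as an added example that is not part of the original answer and not Django's own code: a simplified, standard-library-only model in which the form tag emits the hidden token field only when the context carries a token. All function names are hypothetical, the sample values are constructed, and the token check is reduced to a direct match against the cookie.

```python
import hmac
import secrets

# Simplified model of the behaviour discussed above; NOT Django's implementation.
# Every name below (new_request, render_form, check_post, ...) is hypothetical.

def new_request():
    """Simulate a request for which a CSRF secret was issued as a cookie."""
    return {"cookies": {"csrftoken": secrets.token_hex(16)}}

def plain_context(data):
    """Like Context({...}): only what the view put in, nothing from the request."""
    return dict(data)

def request_context(request, data):
    """Like RequestContext: a context processor adds the request's CSRF token."""
    ctx = dict(data)
    ctx["csrf_token"] = request["cookies"]["csrftoken"]
    return ctx

def render_form(ctx):
    """Like {% csrf_token %}: the hidden field appears only if ctx has a token."""
    token = ctx.get("csrf_token")
    hidden = ('<input type="hidden" name="csrfmiddlewaretoken" value="%s">' % token
              if token else "")
    return '<form method="post">%s<input type="submit"></form>' % hidden

def submitted_fields(html):
    """Collect what a browser would POST back from the form (token field only)."""
    marker = 'name="csrfmiddlewaretoken" value="'
    if marker not in html:
        return {}
    value = html.split(marker, 1)[1].split('"', 1)[0]
    return {"csrfmiddlewaretoken": value}

def check_post(request, post):
    """Middleware-style check: posted token must match the cookie, else 403."""
    sent = post.get("csrfmiddlewaretoken", "")
    expected = request["cookies"].get("csrftoken", "")
    ok = bool(sent) and bool(expected) and hmac.compare_digest(sent, expected)
    return 200 if ok else 403

def round_trip(use_request_context):
    """Render the form for one request, POST it back, return the status code."""
    request = new_request()
    data = {"team": "Constructed XI"}  # constructed sample value
    ctx = request_context(request, data) if use_request_context else plain_context(data)
    return check_post(request, submitted_fields(render_form(ctx)))
```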

You can also use class-based generic views in Django. In your case it could be something like this: (I did not test it)

urls.py

urlpatterns = patterns('',
    # \d+ matches the numeric team id captured as the teamId keyword argument
    url(r'^your-url/(?P<teamId>\d+)/$', AddPlayerView.as_view(), name="add-player"),
)

views.py

from django.views.generic import FormView
from django.core.urlresolvers import reverse
from django.http import HttpResponseRedirect
# ..... (remaining imports: Player, Team, PlayerForm)

class AddPlayerView(FormView):
    template_name = 'cricket/addplayer.html'
    form_class = PlayerForm

    def form_valid(self, form):
        """ Code if the form is valid """
        # ...
        # The team id comes from the URL (teamId in urls.py), not from the form
        team_id = self.kwargs['teamId']
        player = Player.objects.create(
            name=form.cleaned_data['name'],
            team=Team.objects.get(id=team_id),
            role=form.cleaned_data['role'],
            position=form.cleaned_data['position']
        )
        # You could use url reverse here
        url = reverse('your-view-name', args=[team_id])
        return HttpResponseRedirect(url)

    def form_invalid(self, form):
        """ Code if the form is invalid """
        # .....
        # Fall back to the default behaviour: re-render the form with its errors
        return super(AddPlayerView, self).form_invalid(form)

    def get_context_data(self, **kwargs):
        context = super(AddPlayerView, self).get_context_data(**kwargs)
        loggedinuser = self.request.user
        team = Team.objects.get(id=self.kwargs['teamId'])
        context['loggedinuser'] = loggedinuser
        context['team'] = team
        return context

Try using the render_to_response function, rather than HttpResponse with some RequestContext.
